P
US9111077B2ActiveUtilityPatentIndex 31

Method and device for realizing remote login

Assignee: SANGFOR NETWORKS COMPANY LTDPriority: Jan 16, 2012Filed: Dec 20, 2012Granted: Aug 18, 2015
Est. expiryJan 16, 2032(~5.5 yrs left)· nominal 20-yr term from priority
Inventors:HOU LIJUNLI XINGZHANG MINGMING
G06F 21/41G06F 21/316
31
PatentIndex Score
0
Cited by
24
References
8
Claims

Abstract

The present disclosure provides a method and a device for realizing remote login. The method includes: a terminal server responding to a login request to an internal system from an end user, and recording and saving login information of the end user for logging in to the internal system; and the terminal server judging and analyzing the way the end user logs in to the internal system according to the login information and pre-configured rule, and allowing the end user to log in to and access the internal system if the analyzed result matches the pre-configured rule. The method and device allows for implementations of the SSO authentication and user bind authentication on the aspect of the data flow in the terminal server, simplifies the process of logging in to and accessing the internal system, and improves the information security of the system.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method for realizing remote login, comprising:
 responding to a login request to an internal system from an end user, and recording and saving login information of the end user for logging in to the internal system at a terminal server; and 
 judging and analyzing the way the end user logs in to the internal system according to the recorded and saved login information and according to pre-configured rule, and allowing the end user to log in to and access the internal system if the analyzed result matches the pre-configured rule at the terminal server; 
 wherein the terminal server records and saves the login information by determining a unique number of a user name input box, a unique number of a password input box, and a unique number of an OK button in each corresponding program in the terminal server when the end user logs in to the internal system; and unique serial numbers of input boxes and buttons corresponding to multiple programs are collected and saved in a login configuration file of the terminal server which corresponds to the end user, and a control installed in the terminal server inputs corresponding information into a corresponding input box when performing login authentication of the end user and analyzes a data flow in the terminal server to determine whether the analyzed result matches the pre-configured rule; 
 wherein judging and analyzing the way the end user logs in to the internal system according to the recorded and saved login information and according to the pre-configured rule, and allowing the end user to log in to and access the internal system if the analyzed result matches the pre-configured rule at the terminal server comprises: 
 judging whether there is SSO information in the internal system according to the recorded and saved login information and according to the pre-configured rule, and automatically inputting the login information of the end user if there is SSO information in the internal system, otherwise requiring the end user to manually input the login information; 
 analyzing the data flow and judging whether the analyzed result matches the pre-configured rule or not after the login information is successfully input, and allowing the end user to log in to and access the internal system if the analyzed result matches the pre-configured rule at the terminal server; and 
 wherein the control analyzes the data flow according to a set rule for binding a master user name and a slave user name; the set rule for binding a master user name and a slave user name is configured by setting different formats of data flows used for filtering different protocols and a field is set to match the user name and another field is set to match the password. 
 
     
     
       2. The method of  claim 1  further comprising the following step:
 showing an access result to the end user at the terminal server. 
 
     
     
       3. The method of  claim 1 , wherein the terminal server judges the way the end user logs in to the internal system by judging whether the end user logs in to the internal system by single sign-on (SSO) authentication. 
     
     
       4. The method of  claim 1 , wherein the protocols are TCP (Transmission Control Protocol), HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), or simple universal plaintext. 
     
     
       5. A device for realizing remote login, comprising:
 a login recording module, configured for responding to a login request to an internal system from an end user, and recording and saving login information of the end user for logging in to the internal system; and 
 a central authentication module, configured for judging and analyzing the way the end user logs in to the internal system according to the recorded and saved login information and according to pre-configured rule, and allowing the end user to log in to and access the internal system if the analyzed result matches pre-configured rule; 
 wherein the login recording module records and saves the login information by determining a unique number of a user name input box, a unique number of password input box, an a unique number of OK button in each corresponding program in the terminal server when the end user logs in to the internal system; and unique serial numbers of input boxes and buttons corresponding to multiple programs are collected and saved in a login configuration file of the terminal server which corresponds to the end user, and a control installed in the terminal server inputs corresponding information into a corresponding input box when performing login authentication of the end user and analyzes a data flow in the terminal server to determine whether the analyzed result matches the pre-configured rule; 
 wherein the central authentication module comprises a SSO authentication unit and a user bind authentication unit; the SSO authentication unit is configured for judging whether there is SSO information in the internal system according to the recorded and saved login information and according to the pre-configured rule, for automatically inputting the login information if there is SSO information in the internal system, and for requiring the end user to manually input the login information if there is no SSO information; the user bind authentication unit is configured for binding a master user name and a slave user name and analyzing the data flow in the terminal server and judging whether the analyzed result matches the pre-configured rule after the login information is input, and allowing the end user to log in to and access the internal system if the analyzed result matches the internal system; and 
 wherein the control analyzes the data flow according to a set rule for binding the master user name and the slave user name; the set rule for binding the master user name and the slave user name is configured by setting different formats of data flows used for filtering different protocols and a field is set to match the user name and another field is set to match the password. 
 
     
     
       6. The device of  claim 5  further comprising a result showing module configured for showing an access result to the end user. 
     
     
       7. The device of  claim 5 , wherein the central authentication module is further configured for judging whether the end user logs in to the internal system by single sign-on (SSO) authentication. 
     
     
       8. The device of  claim 5 , wherein the protocols are TCP (Transmission Control Protocol), HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), or simple universal plaintext.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.